Backup to Amazon S3

There are many different ways how you can backup your data. My preferred solution is to store backups on Amazon S3. It's cheap and not that complicated to set up. First you need an Amazon account, if you not already have one. Go to https://aws.amazon.com/s3/ and click Sign Up.

In the following tutorial I will setup a backup for a self-hosted Gitea server, but you can apply this tutorial to other files you want to backup to S3.

I usually add a lifecycle rule that automatically moves files after a few days from S3 to Glacier. Storing data on Glacier is much cheaper than S3 but downloading from Glacier cost you more and the files have to be stored at least 90 days on Glacier, if you delete them before additional fees apply. Glacier is especially useful for backups because you rarely need to download them. Also check the documentation about other storage classes: https://aws.amazon.com/s3/storage-classes/

Adding a lifecycle rule only makes sense when you backup files that are revisioned. For instance: backup-1.zip, backup-2.zip, backup-3.zip or backup-20180601.tar.gz, backup-20180602.tar.gz. If you always overwrite the old backup files the lifecycle rule never applies.

Click on the bucket name and open the Management tab, then click on Lifecycle and Add lifecycle rule.

Enter a rule name and click Next

Under Transitions select Current Version and add a transition to Glacier after 5 days.

Under Expiration select Current Version and expire objects after 95 days.

The next package we install is gpg to encrypt our backups. This protects our backups from the eyes from Amazon and everybody else that gains access to our S3 bucket. This is optional, if you don't care about the security of your backup files you can skip this.

sudo apt install gpg

We will encrypt the backup with AES, a symmetric encryption algorithm. Here an example how you can use gpgto AES encrypt and decrypt a text file.